﻿using System;
using System.Net;
using System.Web;
using System.Web.Mvc;
using MvcCms.Service.Code;

namespace MvcCms.Service.Filters
{
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
    public sealed class RequireSslAttribute : FilterAttribute, IAuthorizationFilter
    {

        public bool Redirect
        {
            get;
            set;
        }

        public void OnAuthorization(AuthorizationContext filterContext)
        {

            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            if (!DevCheck.IsDev() || filterContext.HttpContext.Application["DevUsesSSL"].ToString() == "true")
            {
                if (!filterContext.HttpContext.Request.IsSecureConnection)
                {
                    // request is not SSL-protected, so throw or redirect
                    if (Redirect)
                    {
                        // form new URL
                        UriBuilder builder = new UriBuilder()
                        {
                            Scheme = "https",
                            Host = filterContext.HttpContext.Request.Url.Host,
                            // use the RawUrl since it works with URL Rewriting
                            Path = filterContext.HttpContext.Request.RawUrl
                        };
                        filterContext.Result = new RedirectResult(builder.Uri.AbsoluteUri, true);
                    }
                    else
                    {
                        throw new HttpException((int)HttpStatusCode.Forbidden, "Access forbidden. The requested resource requires an SSL connection.");
                    }
                }
            }
        }

    }
}